Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/4DbW_s8Tan9Qy2p3MdkxqSjepFk.roa
File: 4DbW_s8Tan9Qy2p3MdkxqSjepFk.roa (raw, json)
Hash identifier: gZviEtvJGRRr+HYANhpbzl5AbB9Ga9kyP+HPL+GGt1s=
Subject key identifier: E0:36:D6:FE:CF:13:6A:7F:50:CB:6A:77:31:D9:31:A9:28:DE:A4:59
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 019D2939A029367A248440CB1A0ABBFEBCE8
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/4DbW_s8Tan9Qy2p3MdkxqSjepFk.roa
Signing time: Thu 26 Mar 2026 08:18:55 +0000
ROA not before: Thu 26 Mar 2026 08:18:55 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 49635
IP address blocks: 206.203.28.0/23 maxlen: 23
206.203.28.0/24 maxlen: 24
206.203.29.0/24 maxlen: 24
206.203.30.0/23 maxlen: 23
206.203.30.0/24 maxlen: 24
206.203.31.0/24 maxlen: 24
206.203.32.0/23 maxlen: 23
206.203.32.0/24 maxlen: 24
206.203.33.0/24 maxlen: 24
206.203.34.0/23 maxlen: 23
206.203.34.0/24 maxlen: 24
206.203.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:39:a0:29:36:7a:24:84:40:cb:1a:0a:bb:fe:bc:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Mar 26 08:18:55 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e036d6fecf136a7f50cb6a7731d931a928dea459
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:f6:3a:e0:c1:11:c6:24:72:7e:db:dc:20:70:
40:4a:12:e1:f6:1c:99:4a:6e:6c:e5:e7:c5:c1:7f:
70:bd:32:5f:ac:d8:3a:9f:c2:62:3f:69:48:e7:13:
1f:18:21:4c:3e:76:5e:33:eb:a8:73:05:3f:1a:eb:
27:1a:d6:53:07:d1:65:3a:65:fa:ee:1b:04:e1:8e:
d7:df:a3:a0:96:8f:24:12:52:71:01:00:5c:1b:e6:
02:ee:32:10:c8:2c:19:b8:1c:a6:1c:0f:1d:59:8e:
ae:38:f2:89:83:59:db:ed:b8:cd:9d:a7:b6:95:91:
b5:c4:e5:ad:89:be:1d:67:c2:22:7d:0a:6a:c4:7d:
89:9a:e8:22:94:1d:03:22:4f:78:0c:fb:2f:ad:b1:
57:5d:2d:77:98:08:c7:e9:8b:15:d2:9a:f9:83:d7:
12:29:50:65:3d:98:7d:a7:f1:a8:56:e2:ef:8c:7f:
d9:c2:80:e7:a2:a6:44:c2:b7:98:29:f9:4f:4c:a8:
e8:ad:ba:6b:61:fb:92:9c:b6:17:16:f1:b7:22:01:
22:c5:0b:f0:43:f1:38:46:eb:59:9c:54:27:e6:df:
69:77:a4:c1:8c:2e:30:b9:2b:c6:eb:51:6e:b2:e2:
08:f0:ce:34:a0:28:b9:d6:03:8b:1e:75:31:d2:80:
88:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:36:D6:FE:CF:13:6A:7F:50:CB:6A:77:31:D9:31:A9:28:DE:A4:59
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/4DbW_s8Tan9Qy2p3MdkxqSjepFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
206.203.28.0-206.203.35.255
Signature Algorithm: sha256WithRSAEncryption
3b:19:03:a6:d8:56:1d:ce:84:0c:79:bc:4f:f6:9d:27:5b:ee:
96:7f:47:c0:e7:da:19:87:c0:2e:0e:e9:7d:6e:e9:ca:9a:3e:
f7:f4:1f:50:c3:4e:68:95:74:14:d2:af:5e:ac:e5:a3:3f:c5:
2f:a0:f7:ce:36:d0:12:ca:fd:ea:57:a0:75:ab:85:09:1b:56:
e8:63:06:a8:67:ac:d2:8d:b2:91:e6:06:6d:ce:22:c4:37:77:
17:4f:95:a8:62:7b:b1:40:18:39:e3:52:4d:1c:60:3d:20:d5:
0e:db:f8:c1:f6:f0:0e:45:66:ff:e8:c1:54:22:68:64:ed:91:
15:6b:70:61:82:f4:f2:b3:5c:38:c6:01:cf:cc:52:87:f0:1a:
1f:9a:86:38:e4:da:85:db:d0:64:53:e2:94:56:b6:c6:55:a8:
78:e1:71:48:a3:69:8c:a5:23:16:2c:f3:b6:83:86:de:fe:e5:
c5:3a:50:cc:eb:26:d0:89:09:0a:64:87:36:33:01:10:7d:8d:
e7:71:44:1f:59:61:04:ea:eb:cd:be:db:cb:3a:84:8b:aa:44:
9f:56:6e:0e:c5:a4:c0:19:cf:9f:f9:99:45:f6:4f:ce:0b:f6:
65:af:19:de:2a:6e:70:74:da:b1:22:cb:bd:08:04:34:f8:91:
75:07:53:e0
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZ0pOaApNnokhEDLGgq7/rzoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjYwMzI2MDgxODU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDM2ZDZmZWNmMTM2YTdmNTBjYjZhNzczMWQ5MzFhOTI4ZGVhNDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwPY64MERxiRyftvcIHBAShLh9hyZ
Sm5s5efFwX9wvTJfrNg6n8JiP2lI5xMfGCFMPnZeM+uocwU/GusnGtZTB9FlOmX6
7hsE4Y7X36Oglo8kElJxAQBcG+YC7jIQyCwZuBymHA8dWY6uOPKJg1nb7bjNnae2
lZG1xOWtib4dZ8IifQpqxH2JmugilB0DIk94DPsvrbFXXS13mAjH6YsV0pr5g9cS
KVBlPZh9p/GoVuLvjH/ZwoDnoqZEwreYKflPTKjorbprYfuSnLYXFvG3IgEixQvw
Q/E4RutZnFQn5t9pd6TBjC4wuSvG61FusuII8M40oCi51gOLHnUx0oCIpwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFOA21v7PE2p/UMtqdzHZMako3qRZMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvNERiV19zOFRhbjlReTJwM01ka3hxU2plcEZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBALOyxwD
BALOyyAwDQYJKoZIhvcNAQELBQADggEBADsZA6bYVh3OhAx5vE/2nSdb7pZ/R8Dn
2hmHwC4O6X1u6cqaPvf0H1DDTmiVdBTSr16s5aM/xS+g98420BLK/epXoHWrhQkb
VuhjBqhnrNKNspHmBm3OIsQ3dxdPlahie7FAGDnjUk0cYD0g1Q7b+MH28A5FZv/o
wVQiaGTtkRVrcGGC9PKzXDjGAc/MUofwGh+ahjjk2oXb0GRT4pRWtsZVqHjhcUij
aYylIxYs87aDht7+5cU6UMzrJtCJCQpkhzYzARB9jedxRB9ZYQTq682+28s6hIuq
RJ9Wbg7FpMAZz5/5mUX2T84L9mWvGd4qbnB02rEiy70IBDT4kXUHU+A=
-----END CERTIFICATE-----
Generated at Thu Mar 26 17:18:59 2026 by rpki-client